CVSROOT:        /cvs
Module name:    src
Changes by:     m...@cvs.openbsd.org    2020/04/12 05:56:53

Modified files:
        sys/net        : if_gre.c if_pfsync.c if_tun.c if_vxlan.c 
                         pf_ioctl.c 
        sys/netinet    : ip_input.c 
        sys/netinet6   : ip6_input.c 

Log message:
Stop processing packets under non-exclusive (read) netlock.

Prevent concurrency in the socket layer which is not ready for that.

Two recent data corruptions in pfsync(4) and the socket layer pointed
out that, at least, tun(4) was incorrectly using NET_RUNLOCK().  Until
we find a way in software to avoid future mistakes and to make sure that
only the softnet thread and some ioctls are safe to use a read version
of the lock, put everything back to the exclusive version.

ok stsp@, visa@

Reply via email to